OMPUB-159:新增v21.06适配mirror流量的DPI安装包

2021-07-06 14:48:40 +08:00
parent 3322c11ad9
commit e3977b920e
236 changed files with 218 additions and 9473 deletions
--- a/roles/firewall/templates/app_l7_proto_id.conf.j2
+++ b/roles/firewall/templates/app_l7_proto_id.conf.j2
@@ -1,51 +0,0 @@
-#TYPE：1:UCHAR,2:USHORT,3:USTRING,4:ULOG,5:USTRING,6:FILE,7:UBASE64,8:PACKET
-#TYPE	FIELD		VALUE
-STRING	UNCATEGORIZED	100
-STRING	UNCATEGORIZED	101
-STRING	UNKNOWN_OTHER	102
-STRING	DNS		103
-STRING	FTP		104
-STRING	FTPS		105
-STRING	HTTP		106
-STRING	HTTPS		107
-STRING	ICMP		108
-STRING	IKE		109
-STRING	MAIL		110
-STRING	IMAPS		111
-STRING	IPSEC		112
-STRING	XMPP		113
-STRING	L2TP		114
-STRING	NTP		115
-STRING	POP3S		117
-STRING	PPTP		118
-STRING	QUIC		119
-STRING	SIP		120
-STRING	SMB		121
-STRING	SMTPS		123
-STRING	SPDY		124
-STRING	SSH		125
-STRING	SSL		126
-STRING	SOCKS		127
-STRING	TELNET		128
-STRING	DHCP		129
-STRING	RADIUS		130
-STRING	OPENVPN		131
-STRING	STUN		132
-STRING	TEREDO		133
-STRING	DTLS		134
-STRING	DoH		135
-STRING	ISAKMP		136
-STRING	MDNS		137
-STRING	NETBIOS		138
-STRING	NETFLOW		139
-STRING	RDP		140
-STRING	RTCP		141
-STRING	RTP		142
-STRING	SLP		143
-STRING	SNMP		144
-STRING	SSDP		145
-STRING	TFTP		146
-STRING	BJNP		147
-STRING	LDAP		148
-STRING	RTMP		149
-STRING	RTSP		150
--- a/roles/firewall/templates/capture_packet_plug.conf.j2
+++ b/roles/firewall/templates/capture_packet_plug.conf.j2
@@ -1,28 +0,0 @@
-[MAAT]
-MAAT_MODE=2
-#EFFECTIVE_FLAG=
-STAT_SWITCH=1
-PERF_SWITCH=1
-TABLE_INFO=conf/capture_packet_tableinfo.conf
-STAT_FILE=capture_packet_maat.status
-EFFECT_INTERVAL_S=1
-REDIS_IP={{ maat_redis_server.address }}
-REDIS_PORT_NUM={{ maat_redis_server.port_num }}
-REDIS_PORT={{ maat_redis_server.port }}
-REDIS_INDEX={{ maat_redis_server.db }}
-JSON_CFG_FILE=conf/capture_packet_maat.json
-INC_CFG_DIR=capture_packet_rule/inc/index/
-FULL_CFG_DIR=capture_packet_rule/full/index/
-EFFECTIVE_RANGE_FILE=/opt/tsg/etc/tsg_device_tag.json
-
-ACCEPT_TAGS={"tags":[{"tag":"data_center","value":"{{ data_center }}"}]}
-
-[LOG]
-NIC_NAME={{ nic_mgr.name }}
-BROKER_LIST={{ log_kafkabrokers.address | join(",") }}
-FIELD_FILE=conf/capture_packet_log_field.conf
-
-[SYSTEM]
-LOG_LEVEL={{ capture_packet_log_level }}
-LOG_PATH=./tsglog/capture_packet_plug/capture_packet
-
--- a/roles/firewall/templates/http.conf.j2
+++ b/roles/firewall/templates/http.conf.j2
@@ -0,0 +1,43 @@
+#http_special
+#all regions
+1	HTTP_ALL
+2	HTTP_OTHER_REGIONS
+#http state
+3	HTTP_STATE
+4	HTTP_REQ_LINE
+5	HTTP_RES_LINE	
+6	HTTP_CONTENT            
+7	HTTP_UNGZIP_CONTENT
+8	HTTP_MESSAGE_URL
+9	HTTP_URI
+#http_request
+10	HTTP_HOST
+11	HTTP_REFERER
+12	HTTP_USER_AGENT
+13	HTTP_COOKIE
+14	HTTP_PROXY_AUTHORIZATION
+15	HTTP_AUTHORIZATION
+#http_response
+16	HTTP_LOCATION
+17	HTTP_SERVER
+18	HTTP_ETAG
+#http_general
+19	HTTP_DATE
+20	HTTP_TRAILER
+21	HTTP_TRANSFER_ENCODING
+22	HTTP_VIA
+23	HTTP_PRAGMA
+24	HTTP_CONNECTION
+#http_content
+25	HTTP_CONT_ENCODING
+26	HTTP_CONT_LANGUAGE
+27	HTTP_CONT_LOCATION
+28	HTTP_CONT_DISPOSITION
+29	HTTP_CONT_RANGE
+30	HTTP_CONT_LENGTH
+31	HTTP_CONT_TYPE
+32	HTTP_CHARSET
+33	HTTP_EXPIRES
+34	HTTP_X_FLASH_VERSION
+35	HTTP_TRANSFER_LENGTH
+36	Set-Cookie
--- a/roles/firewall/templates/maat.conf.j2
+++ b/roles/firewall/templates/maat.conf.j2
@@ -32,21 +32,5 @@ INC_CFG_DIR=tsgrule/inc/index/
 FULL_CFG_DIR=tsgrule/full/index/
 EFFECTIVE_RANGE_FILE=/opt/tsg/etc/tsg_device_tag.json

-[APP_SIGNATURE_MAAT]
-MAAT_MODE=2
-STAT_SWITCH=1
-PERF_SWITCH=1
-TABLE_INFO=tsgconf/app_sketch_tableinfo.conf
-STAT_FILE=app_sketch_maat.status
-EFFECT_INTERVAL_S=1
-REDIS_IP={{ maat_redis_server.address }}
-REDIS_PORT_NUM={{ maat_redis_server.port_num }}
-REDIS_PORT={{ maat_redis_server.port }}
-REDIS_INDEX={{ maat_redis_server.db }}
-JSON_CFG_FILE=tsgconf/app_sketch_maat.json
-INC_CFG_DIR=tsgrule/inc/index/
-FULL_CFG_DIR=tsgrule/full/index/
-EFFECTIVE_RANGE_FILE=/opt/tsg/etc/tsg_device_tag.json
-
 [MAAT]
 ACCEPT_TAGS={"tags":[{"tag":"data_center","value":"{{ data_center }}"}]}
--- a/roles/firewall/templates/main.conf.j2
+++ b/roles/firewall/templates/main.conf.j2
@@ -66,11 +66,16 @@ ENTRANCE_ID={{ tsg_master_entrance_id }}
 LOG_LEVEL={{ tsg_master_log_level }}
 LOG_PATH="./tsglog/tsg_master"
 POLICY_PRIORITY_LABEL="POLICY_PRIORITY"
+L7_PROTOCOL_FILE="./tsgconf/tsg_l7_protocol.conf"
 DEVICE_ID_COMMAND="hostname | awk -F'-' '{print $3}'| awk -F'adc' '{print $2}'"

 [TSG_CONN_SKETCH]
 log_service=2
-
+live_service=6
+transaction_service=7
+live_service_switch=1
+transaction_service_switch=1
+live_intervals_time = 30

 [HOS_CONF]
 hos_serverip="{{ firewall.hos_serverip }}"
@@ -82,14 +87,3 @@ hos_thread_sum={{ firewall.hos_thread_sum }}
 hos_cache_size={{ firewall.hos_cache_size }}
 hos_fs2_serverip="{{ firewall.hos_fs2_serverip }}"
 hos_fs2_serverport={{ firewall.hos_fs2_serverport }}
-
-[APP_SKETCH_LOCAL]
-LOG_LEVEL={{ firewall.APP_SKETCH_LOG_LEVEL }}
-LOG_PATH="{{ firewall.APP_SKETCH_LOG_PATH }}"
-L7_PROTOCOL_LABEL="{{ firewall.APP_SKETCH_L7_PROTOCOL_LABEL }}"
-
-[APP_SKETCH_FEEDBACK]
-QOS={{ firewall.APP_SKETCH_QOS }}
-PUBLISH_TOPIC="{{ firewall.APP_SKETCH_PUBLISH_TOPIC }}"
-#CLIENT_ID=
-BROKER_LIST="{{ firewall.APP_SKETCH_BROKER_LIST }}"
--- a/roles/firewall/templates/tsg_conn_sketch.inf.j2
+++ b/roles/firewall/templates/tsg_conn_sketch.inf.j2
@@ -25,11 +25,22 @@ FUNC_NAME=tsg_record_http_entry
 FUNC_FLAG=SSL_CLIENT_HELLO,SSL_SERVER_HELLO,SSL_APPLICATION_DATA,SSL_CERTIFICATE_DETAIL
 FUNC_NAME=tsg_record_ssl_entry

-#[DNS]
-#FUNC_FLAG=ALL
-#FUNC_NAME=tsg_record_dns_entry
+[DNS]
+FUNC_FLAG=ALL
+FUNC_NAME=tsg_record_dns_entry

 [MAIL]
 FUNC_FLAG=ALL
 FUNC_NAME=tsg_record_mail_entry

+[RTP]
+FUNC_FLAG=ALL
+FUNC_NAME=tsg_record_rtp_entry
+
+[SIP]
+FUNC_FLAG=ALL
+FUNC_NAME=tsg_record_sip_entry
+
+[FTP]
+FUNC_FLAG=ALL
+FUNC_NAME=tsg_record_ftp_entry